Why is Symfony Session data encrypted on my production server?

I want to use the same authentication method for Symfony sites that have the same domain. I use a cookie valid for all subdomains and sfPDOSessionStorage to store session data.

factories.yml is configured this way on both projects:

 all:
   storage:
     class: sfPDOSessionStorage
     param:
       database: doctrine
       db_table: sessions
       session_name: myauth
       db_id_col: id
       db_data_col: sess_data
       db_time_col: time
       session_cookie_domain: ".mydomain.net"
       session_cookie_lifetime: 86400
       session_cookie_path: /

On my development machine and on my shared machine this mechanism works fine, but on the server it doesn't (I am asked for credentials again when switching subdomains). The only difference I can see between the two environments is the format in which the data is stored: the data seems to be encrypted on the prod server, but is stored in clear text on my machine. There is no sensitive data here, so I can post an example:

dev environment sess_data:

 symfony/user/sfUser/lastRequest|i:1295349567;symfony/user/sfUser/authenticated|b:0;symfony/user/sfUser/credentials|a:0:{}symfony/user/sfUser/attributes|a:1:{s:30:"symfony/user/sfUser/attributes";a:1:{s:7:"referer";s:0:"";}}symfony/user/sfUser/culture|s:2:"fr"; 

production server sess_data:

 BB7HBTsQg75NNGvb9Z8sexldqbS79YzDgrztQzSFhsUpEk2EeCOtKw8FQbm31vLIRyr3ZP_klwZFXywnkdem27naIWjIVBP_WwpwNRg4IMj1J0fIfxJN_UOw2RbCWh91L5ryCD_7_ynN2UtxfuJwUWnxoGuUvqD8YQxNdczQipmktPVFk1mVfKE1-BsrdHHLIXH_gi44-Bos3f-EshE5skuQpachnY1FkgvvvOuXEj7zxPflgA3xtGoqJxkDijT-uKnQCH4TrimhvkIRGCt0oVuOdsAJzuWW6ijgPCD3X767mSIzm_lQmJoSGxDB7fAgFihB7Ljoq0tsysC62BqTYFB6dTnuZoj3KON8lXlyNJZVyLgTWZ3EYoObtc8jCKYNDonSjEqzTvwg4NJRVoB5ePx61iTqbDd9qFlkryzj9J8. 

I have no clue what type of encryption is used to store the information in the database, and I'm not sure whether this is the root of my problem, but since this is the only difference I can find, I do not see any other explanation. (The versions of PHP and MySQL are identical, with Ubuntu 10.10 on my side and Debian on the server side.)

+4
1 answer

I think that the module responsible for encrypting session data is installed on your production server.

For example, the suhosin package adds this function to PHP: http://www.hardened-php.net/suhosin/configuration.html

It is activated by the suhosin.session.encrypt configuration parameter in php.ini.

+3
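The following diagnostic script is an added example and is not part of the original question or answer. It assumes the Suhosin directive names as documented on the page linked above (suhosin.session.encrypt, suhosin.session.cryptkey, suhosin.session.cryptua, suhosin.session.cryptdocroot, suhosin.session.cryptraddr); the function names are my own. Run it on each host with the PHP binary that serves the site to see whether transparent session encryption is on, and to classify a sess_data value as clear-text serialized data (what sfPDOSessionStorage writes by default) or an opaque blob such as the one in the question.

```php
<?php
// Added example (not from the original post): compare session handling on
// two hosts that are supposed to share one sfPDOSessionStorage table.

// Report whether Suhosin is loaded and which session-crypto directives are set.
// ini_get() returns false for a directive that does not exist, so every value
// is only meaningful when the extension is actually loaded.
function suhosinSessionStatus(): array
{
    $loaded = extension_loaded('suhosin');
    $get = function (string $name) use ($loaded) {
        return $loaded ? ini_get($name) : null;
    };
    return [
        'suhosin_loaded'   => $loaded,
        'session.encrypt'  => $get('suhosin.session.encrypt'),
        // The key itself is secret; only report whether one is configured.
        'cryptkey_set'     => $loaded ? ($get('suhosin.session.cryptkey') !== '') : null,
        // These mix the User-Agent, document root and client address into the
        // key; if they differ between hosts, each host decrypts only its own data.
        'session.cryptua'      => $get('suhosin.session.cryptua'),
        'session.cryptdocroot' => $get('suhosin.session.cryptdocroot'),
        'session.cryptraddr'   => $get('suhosin.session.cryptraddr'),
    ];
}

// Classify a raw sess_data value. PHP's default "php" session serializer
// writes "name|<serialized value>" pairs, so clear-text data starts with a
// key name, a pipe and a serialized-type prefix (i:, s:, b:, a:, d:, O:, N;).
// Suhosin's encrypted form is a single opaque URL-safe base64-style token.
function classifySessData(string $data): string
{
    $data = rtrim($data, ". \n");
    if (preg_match('/^[^|]+\|[abdiOsN][:;]/', $data)) {
        return 'clear-text php-serialized';
    }
    if (preg_match('/^[A-Za-z0-9_-]+$/', $data)) {
        return 'opaque blob (encrypted or encoded)';
    }
    return 'unknown format';
}

// Samples taken from the question: dev machine vs. production server.
$devSample = 'symfony/user/sfUser/lastRequest|i:1295349567;'
    . 'symfony/user/sfUser/authenticated|b:0;'
    . 'symfony/user/sfUser/credentials|a:0:{}'
    . 'symfony/user/sfUser/attributes|a:1:{s:30:"symfony/user/sfUser/attributes";'
    . 'a:1:{s:7:"referer";s:0:"";}}symfony/user/sfUser/culture|s:2:"fr";';
$prodSample = 'BB7HBTsQg75NNGvb9Z8sexldqbS79YzDgrztQzSFhsUpEk2EeCOtKw8FQbm31vLIRyr3ZP_klwZFXywnkdem27na'
    . 'IWjIVBP_WwpwNRg4IMj1J0fIfxJN_UOw2RbCWh91L5ryCD_7_ynN2UtxfuJwUWnxoGuUvqD8YQxNdczQipmktPVFk1mVfKE1'
    . '-BsrdHHLIXH_gi44-Bos3f-EshE5skuQpachnY1FkgvvvOuXEj7zxPflgA3xtGoqJxkDijT-uKnQCH4TrimhvkIRGCt0oVuOd';

foreach (suhosinSessionStatus() as $name => $value) {
    printf("%-22s %s\n", $name, var_export($value, true));
}
printf("dev sample:  %s\n", classifySessData($devSample));   // clear-text php-serialized
printf("prod sample: %s\n", classifySessData($prodSample));  // opaque blob (encrypted or encoded)
```

If one host reports suhosin.session.encrypt on and the other has no Suhosin at all, the two sites cannot read each other's rows no matter how the cookie is scoped. The consistent configurations are either suhosin.session.encrypt = Off on every host that shares the table, or encryption on everywhere with the same suhosin.session.cryptkey and with cryptua, cryptdocroot and cryptraddr set identically (cryptdocroot in particular should be Off when the subdomains live in different document roots, since otherwise each vhost derives a different key).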

Source: https://habr.com/ru/post/1335993/
